
Pests of all kinds and how to combat them: C:\windows\scorl.trojan.general.exe

14.10.2014, 15:44   #4
pa0000000
 
C:\windows\scorl.trojan.general.exe

So, now the FRST




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014
Ran by Pascal (administrator) on PASCAL-PC on 06-10-2014 13:46:29
Running from C:\Users\Pascal\Desktop
Loaded Profile: Pascal (Available profiles: Pascal & Susu & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(HQCinemaV01.10) C:\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(hxxp://www.goforfiles.com/) C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe
(wifimouse@necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\monitor.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Small Island Development) C:\ProgramData\HAunCmYKI\tCJlXj.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
(MyOSCompany) C:\Program Files (x86)\PCTRunner\MyOSProtect.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (47731)] => C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [f.lux] => C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [] => [X]
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [122880 2012-03-21] (wifimouse@necta.us)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-18\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4862384 2012-03-21] (Exent Technologies Ltd.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&ISID=MF70BB4B3-B174-4BAF-A6B9-7309BCFE9943&SearchSource=55&CUI=&UM=5&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://aartemis.com/?type=sc&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtByEzztN1L2XzutBtFtCtFtCtFtAtCtB&cr=1824825983
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0193640988514575&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtAyDyEtN1L2XzutBtFtBtFtCtFyEtDyB&cr=208974077
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
SearchScopes: HKLM-x32 - {3D5C0BD6-7735-62F6-6F8F-521BDAFB66B2} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtByEzztN1L2XzutBtFtCtFtCtFtAtCtB&cr=1824825983
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0193640988514575&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtAyDyEtN1L2XzutBtFtBtFtCtFyEtDyB&cr=208974077
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Plus-HD-2.6 -> {11111111-1111-1111-1111-110311341140} -> C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho64.dll (Plus HD)
BHO: HD-Quality-v3V30.09 -> {11111111-1111-1111-1111-110611171162} -> C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho64.dll (HD-Quality-v3V30.09)
BHO: HQCinema1.9V01.10 -> {11111111-1111-1111-1111-110611381131} -> C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho64.dll (HQCinemaV01.10)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
BHO: MySafeProxy -> {51420F88-4D4A-4042-9509-8D4E1307910E} -> C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxy64.dll (XTRM Group Ltd.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: I Want This -> {11111111-1111-1111-1111-110011221158} ->  No File
BHO-x32: Plus-HD-2.6 -> {11111111-1111-1111-1111-110311341140} ->  No File
BHO-x32: HD-Quality-v3V30.09 -> {11111111-1111-1111-1111-110611171162} -> C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho.dll (HD-Quality-v3V30.09)
BHO-x32: HQCinema1.9V01.10 -> {11111111-1111-1111-1111-110611381131} -> C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho.dll (HQCinemaV01.10)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: MySafeProxy -> {51420F88-4D4A-4042-9509-8D4E1307910E} -> C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxy32.dll (XTRM Group Ltd.)
BHO-x32: Ashampoo DE Toolbar -> {5786d022-540e-4699-b350-b4be0ae94b79} -> C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
BHO-x32: PlayBryte BHO -> {61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO-x32: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: BetterAds -> {BA56787C-729F-4715-8F11-EB2A16908B91} -> C:\Program Files (x86)\BetterAds\ScriptHost.dll ()
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} ->  No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: FreeWorkz Games -> {D1ECD019-8423-43de-98D1-7892AF2DA309} ->  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Webexp Enhanced -> {dc26eb86-ac6f-4093-918d-3e36cd607f01} ->  No File
BHO-x32: holasearch Helper Object -> {DFF9B2DA-EF99-4B26-83CB-7058299999D8} -> C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll (holasearch.com)
BHO-x32: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\bh\Softonic.dll (Softonic.com)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {28387537-e3f9-4ed7-860c-11e69af4a8a0} -  No File
Toolbar: HKLM-x32 - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
Toolbar: HKLM-x32 - No Name - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM-x32 - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM-x32 - Holasearch Toolbar - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll (holasearch.com)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 15 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 15 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default
FF SearchEngineOrder.1: Delta Search
FF Homepage: hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21
FF SelectedSearchEngine: FBDownloader Search
FF DefaultSearchEngine: FBDownloader Search
FF Keyword.URL: hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\user.js
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\fbdownloader_search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\fileconverter-13-customized-web-search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\freemake.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\google-chile.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\holasearch.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Yahooober4451956.xml
FF Extension: HD-Quality-v3V30.09 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [2014-10-01]
FF Extension: HQCinema1.9V01.10 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-01]
FF Extension: Feven 1.5 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com [2013-11-21]
FF Extension: Plus-HD-2.6 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com [2013-10-11]
FF Extension: Amazon-Icon - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\amazon-icon@giga.de [2014-01-20]
FF Extension: DoNotTrackMe - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\donottrackplus@abine.com [2013-07-14]
FF Extension: Delta Toolbar - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbr@delta.com [2013-03-26]
FF Extension: HolaSearch - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbr@holasearch.com [2013-08-30]
FF Extension: softonic.com - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbra@softonic.com [2013-03-28]
FF Extension: YouTube Unblocker - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\youtubeunblocker@unblocker.yt [2013-10-11]
FF Extension: FileConverter 1.3  - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee} [2013-10-23]
FF Extension: Searchqu Toolbar - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2013-06-06]
FF Extension: WOT - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-19]
FF Extension: uTorrentBar_DE  - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2013-09-16]
FF Extension: BetterAds - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\betterads@BetterAds.org.xpi [2013-06-08]
FF Extension: GoPhotoIt - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\gophoto@gophoto.it.xpi [2012-07-31]
FF Extension: Javascript View - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2013-09-24]
FF Extension: JS Deminifier - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeminifier@murphy.ben.name.xpi [2013-09-24]
FF Extension: JavaScript Deobfuscator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2013-09-24]
FF Extension: Movie2kDownloader - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF Extension: OfferMosquito - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\om@offermosquito.com.xpi [2013-10-04]
FF Extension: Personas Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\personas@christopher.beard.xpi [2013-02-19]
FF Extension: Cool Smiley Bar for Facebook - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\pluswinks@PlusWinks.xpi [2013-06-08]
FF Extension: ScrewAds Plus for YouTube - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\screwads@airtint.com.xpi [2013-02-19]
FF Extension: Feedback - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: YesScript - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\yesscript@userstyles.org.xpi [2013-09-26]
FF Extension: Quick Translator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-02-19]
FF Extension: Adblock Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-08]
FF Extension: JavaScript Debugger - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2013-09-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-10-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@holasearch.com [2013-10-27]
FF Extension: Iminent WebBooster - C:\Program Files (x86)\Mozilla Firefox\extensions\webbooster@iminent.com [2013-10-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2013-10-27]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-04]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-01-13]
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013-03-26]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-04-02]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha691.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha418.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6846.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff
FF HKCU\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\SeeSimilar@SeeSimilar.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]
CHR Extension: (TV) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (Short It!) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl [2014-03-03]
CHR Extension: (Battlefield Play4Free) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-03-03]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-04]
CHR HKCU\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKCU\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Pascal\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-09-20]
CHR HKCU\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Pascal\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-07-22]
CHR HKCU\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [2012-10-21]
CHR HKCU\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pascal\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-12-26]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-01-13]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [aocimlpakaebbmfhjgajelcdbejhgehe] - C:\Users\Pascal\AppData\LocalLow\Playbryte\Chrome.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2012-12-13]
CHR HKLM-x32\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Pascal\AppData\Roaming\SpeedanAlysis\speedanalysis.crx [2013-02-14]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [2012-12-19]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\Softonic.crx [2013-03-03]
CHR HKLM-x32\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Pascal\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Pascal\AppData\Roaming\BabSolution\CR\delta1.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Pascal\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-07-22]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [gkipfehgopcajnafpdjajagbjllcobjj] - C:\ProgramData\Browse2save\gkipfehgopcajnafpdjajagbjllcobjj.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-04-02]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pascal\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-12-26]
CHR HKLM-x32\...\Chrome\Extension: [lemilgpbnfoecfjhpfchannnnkeefjmj] - C:\Users\Pascal\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx [2012-12-26]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Pascal\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-01-20]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2014-01-20]
CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Pascal\AppData\Roaming\PlusWinks\pluswinks.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [mpihchkdinijmdhepcmpbgelkaaoiaek] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ch\MediaBuzzV1mode6846.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [ohpbokjkbkmdoidlodcdhdhhienlenkl] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ch\WebexpEnhancedV1alpha691.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-10] (Just Develop It) <==== ATTENTION
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2983896 2014-07-29] (Client Connect LTD)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-03-27] (Freemake) [File not signed]
R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-01] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-01] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 MyOSProtect; C:\Program Files (x86)\PCTRunner\MyOSProtect.exe [1317096 2014-09-01] (MyOSCompany) [File not signed]
S2 MySafeProxyMonitor; C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exe [1311736 2014-10-01] (XTRM Group Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-17] ()
S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-09-02] () [File not signed] <==== ATTENTION
S4 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] () [File not signed]
R2 tCJlXj; C:\ProgramData\HAunCmYKI\tCJlXj.exe [2319728 2014-10-01] (Small Island Development)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
S4 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-06-30] () [File not signed]
S3 SystemExplorerHelpService; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALSysIO; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-13] (Disc Soft Ltd)
S3 esgiguard; No ImagePath
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-25] ()
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 IntcAzAudAddService; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WinRing0_1_2_0; No ImagePath
R2 X5XSEx; C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [55400 2010-11-22] (Exent Technologies Ltd.)
S3 xhunter1; No ImagePath
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-06 13:46 - 2014-10-06 13:47 - 00050543 _____ () C:\Users\Pascal\Desktop\FRST.txt
2014-10-06 13:39 - 2014-10-06 13:46 - 00000000 ____D () C:\FRST
2014-10-06 13:39 - 2014-10-06 13:31 - 02109952 _____ (Farbar) C:\Users\Pascal\Desktop\FRST64.exe
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ___SD () C:\32788R22FWJFW
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ____D () C:\Windows\erdnt
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ____D () C:\Qoobox
2014-10-04 07:03 - 2014-10-04 07:03 - 00000000 ____D () C:\Users\Pascal\Documents\Criterion Games
2014-10-04 06:55 - 2014-10-04 06:55 - 00001331 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-10-04 06:55 - 2014-10-04 06:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2014-10-02 20:01 - 2014-10-02 20:01 - 00000000 ____D () C:\Users\Pascal\AppData\Local\PopCap Games
2014-10-01 21:15 - 2014-10-01 21:15 - 00000000 ____D () C:\NVIDIA Corporation
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\InetStat
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-01 18:49 - 2014-10-01 18:49 - 00000000 ____D () C:\ProgramData\374311380
2014-10-01 18:45 - 2014-10-06 13:32 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5.job
2014-10-01 18:45 - 2014-10-01 18:45 - 00005474 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5
2014-10-01 18:45 - 2014-10-01 18:45 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job
2014-10-01 18:44 - 2014-10-06 13:44 - 00003468 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00003812 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00003132 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00002780 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00002108 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00001440 _____ () C:\Windows\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716.job
2014-10-01 18:44 - 2014-10-01 18:45 - 00004470 _____ () C:\Windows\System32\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716
2014-10-01 18:44 - 2014-10-01 18:44 - 01522584 _____ (HD-Quality-v3V30.09) C:\Users\Pascal\AppData\Roaming\SUU.exe
2014-10-01 18:44 - 2014-10-01 18:44 - 00006842 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4
2014-10-01 18:44 - 2014-10-01 18:44 - 00006496 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6
2014-10-01 18:44 - 2014-10-01 18:44 - 00006162 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7
2014-10-01 18:44 - 2014-10-01 18:44 - 00005810 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1
2014-10-01 18:44 - 2014-10-01 18:44 - 00005138 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2
2014-10-01 18:44 - 2014-10-01 18:44 - 00001336 _____ () C:\Windows\Tasks\SUU.job
2014-10-01 18:43 - 2014-10-06 13:32 - 00004494 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11.job
2014-10-01 18:43 - 2014-10-06 13:32 - 00003812 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3.job
2014-10-01 18:43 - 2014-10-01 18:45 - 00000000 ____D () C:\Program Files (x86)\HD-Quality-v3V30.09
2014-10-01 18:43 - 2014-10-01 18:44 - 00007524 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11
2014-10-01 18:43 - 2014-10-01 18:43 - 00006842 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3
2014-10-01 16:45 - 2014-10-01 16:45 - 00004400 _____ () C:\Windows\SysWOW64\MyOSProtect.ini
2014-10-01 16:45 - 2014-10-01 16:45 - 00002344 _____ () C:\Windows\SysWOW64\MyOSProtectOff.ini
2014-10-01 16:45 - 2014-10-01 16:45 - 00002344 _____ () C:\Windows\system32\MyOSProtectOff.ini
2014-10-01 16:44 - 2014-10-01 16:44 - 00000000 ____D () C:\Users\Pascal\AppData\Local\com
2014-10-01 16:44 - 2014-09-01 20:28 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll
2014-10-01 16:44 - 2014-09-01 20:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll
2014-10-01 16:43 - 2014-10-06 13:32 - 00002440 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user.job
2014-10-01 16:43 - 2014-10-06 13:32 - 00002440 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.job
2014-10-01 16:43 - 2014-10-01 16:44 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (2).jar
2014-10-01 16:43 - 2014-10-01 16:43 - 00005470 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5
2014-10-01 16:43 - 2014-10-01 16:43 - 00004462 _____ () C:\Windows\System32\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a
2014-10-01 16:43 - 2014-10-01 16:43 - 00000000 ____D () C:\Windows\Sun
2014-10-01 16:42 - 2014-10-06 13:32 - 00003452 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1.job
2014-10-01 16:42 - 2014-10-06 13:32 - 00002104 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.job
2014-10-01 16:42 - 2014-10-06 13:32 - 00001432 _____ () C:\Windows\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a.job
2014-10-01 16:42 - 2014-10-01 16:42 - 00006482 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1
2014-10-01 16:42 - 2014-10-01 16:42 - 00005134 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2
2014-10-01 16:41 - 2014-10-06 13:32 - 00004488 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.job
2014-10-01 16:41 - 2014-10-01 16:41 - 00007518 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4
2014-10-01 16:40 - 2014-10-06 13:40 - 00004152 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.job
2014-10-01 16:40 - 2014-10-06 13:32 - 00003808 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.job
2014-10-01 16:40 - 2014-10-01 16:40 - 00007180 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6
2014-10-01 16:40 - 2014-10-01 16:40 - 00006838 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7
2014-10-01 16:39 - 2014-10-01 18:43 - 00003986 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-10-01 16:39 - 2014-10-01 16:41 - 00000000 ____D () C:\Users\Pascal\AppData\Local\TVWizard
2014-10-01 16:39 - 2014-10-01 16:39 - 00004030 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-10-01 16:38 - 2014-10-06 13:32 - 00005178 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.job
2014-10-01 16:38 - 2014-10-06 13:32 - 00000984 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-01 16:38 - 2014-10-05 18:48 - 00000988 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-01 16:38 - 2014-10-01 19:54 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-01 16:38 - 2014-10-01 18:43 - 00003732 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-10-01 16:38 - 2014-10-01 16:39 - 00008208 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11
2014-10-01 16:38 - 2014-10-01 16:38 - 00006838 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3
2014-10-01 16:38 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\HAunCmYKI
2014-10-01 16:37 - 2014-10-06 13:32 - 00003808 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.job
2014-10-01 16:37 - 2014-10-01 16:43 - 00000000 ____D () C:\Program Files (x86)\HQCinema1.9V01.10
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\Users\Pascal\AppData\Local\globalUpdate
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-01 16:36 - 2014-10-03 15:11 - 00000000 ____D () C:\Users\Pascal\AppData\Local\mbot_de_111
2014-10-01 16:36 - 2014-10-01 16:46 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2014-10-01 16:36 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\TVWizard
2014-10-01 16:36 - 2014-10-01 16:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-10-01 16:36 - 2014-10-01 16:37 - 00000000 ____D () C:\Program Files (x86)\mbot_de_111
2014-10-01 16:36 - 2014-10-01 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-10-01 16:36 - 2014-10-01 16:36 - 00000000 ____D () C:\Program Files (x86)\XTRM Group
2014-10-01 16:35 - 2014-10-04 15:08 - 00000000 ____D () C:\Program Files (x86)\ver4NewPlayer
2014-10-01 16:35 - 2014-10-01 16:45 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-10-01 16:33 - 2014-10-01 16:33 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (1).jar
2014-10-01 16:23 - 2014-10-01 16:23 - 14338316 _____ () C:\Users\Pascal\Downloads\BetterDungeons1-6-4_2091.zip
2014-10-01 13:37 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 13:37 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 19:26 - 2014-09-27 19:26 - 00367440 _____ () C:\Users\Pascal\Downloads\SoftonicDownloader_for_open-hexagon.exe
2014-09-27 19:25 - 2014-09-27 19:25 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (2).7z
2014-09-27 19:23 - 2014-09-27 19:24 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (1).7z
2014-09-27 19:21 - 2014-09-27 19:22 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win.7z
2014-09-24 15:47 - 2014-09-24 15:47 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Cornelsen
2014-09-24 15:36 - 2014-09-24 15:36 - 00002344 _____ () C:\Users\Public\Desktop\English G 21 e-Workbook A2.lnk
2014-09-24 15:36 - 2014-09-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cornelsen
2014-09-24 13:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 13:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-20 17:34 - 2014-09-20 17:39 - 00000000 ____D () C:\ProgramData\DriverGenius
2014-09-20 17:32 - 2014-09-20 17:32 - 00001225 _____ () C:\Users\Pascal\Desktop\Driver Genius.lnk
2014-09-20 17:32 - 2014-09-20 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
2014-09-20 17:31 - 2014-09-20 17:31 - 00000000 ____D () C:\Program Files (x86)\Driver-Soft
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de.exe
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de (1).exe
2014-09-17 18:45 - 2014-09-17 18:45 - 00000000 ____D () C:\Users\Pascal\Documents\Scratch Projects
2014-09-17 14:23 - 2014-09-17 14:23 - 01402920 _____ () C:\Users\Pascal\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Susu\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Pascal\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Gast\Desktop\Scratch.lnk
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:10 - 2014-09-16 21:11 - 00000000 ____D () C:\Program Files (x86)\Scratch
2014-09-16 21:06 - 2014-09-16 21:09 - 34637975 _____ (MIT Media Lab Lifelong Kindergarten Group) C:\Users\Pascal\Downloads\ScratchInstaller1.4.exe
2014-09-16 21:06 - 2014-09-16 21:09 - 34485667 _____ () C:\Users\Pascal\Downloads\Scratch1.4.msi.installer.zip
2014-09-16 21:05 - 2014-09-16 21:05 - 01101648 _____ () C:\Users\Pascal\Downloads\Sketch - CHIP-Installer.exe
2014-09-11 22:29 - 2014-09-14 12:13 - 00000000 ____D () C:\Users\Pascal\Documents\OpenTTD
2014-09-11 22:28 - 2014-09-11 22:28 - 00000800 _____ () C:\Users\Public\Desktop\OpenTTD.lnk
2014-09-11 22:28 - 2014-09-11 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
2014-09-11 22:28 - 2014-09-11 22:28 - 00000000 ____D () C:\Program Files\OpenTTD
2014-09-11 22:27 - 2014-09-11 22:28 - 07780242 _____ (OpenTTD Developers) C:\Users\Pascal\Downloads\openttd-1.4.2-windows-win64 (1).exe
2014-09-11 22:26 - 2014-09-11 22:26 - 07780242 _____ (OpenTTD Developers) C:\Users\Pascal\Downloads\openttd-1.4.2-windows-win64.exe
2014-09-11 21:03 - 2014-09-11 21:12 - 00250880 _____ () C:\Users\Pascal\Mamas Geburtstagskarte (47).pub
2014-09-11 03:53 - 2014-08-17 06:00 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:53 - 2014-08-17 06:00 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:53 - 2014-08-17 05:59 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:53 - 2014-08-17 05:58 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:53 - 2014-08-17 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:53 - 2014-08-16 09:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:53 - 2014-08-16 08:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:53 - 2014-08-16 08:34 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-11 03:53 - 2014-08-16 07:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-11 03:03 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:03 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 20:13 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 20:13 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 20:12 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 20:12 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 20:11 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 20:11 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 20:11 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:11 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:11 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 20:11 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 20:11 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-06 22:44 - 2014-09-06 22:44 - 04188089 _____ () C:\Users\Pascal\Downloads\Piston House Waschmaschine.zip
2014-09-06 17:07 - 2014-10-02 17:21 - 00001348 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-06 17:07 - 2014-09-06 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-06 17:04 - 2014-09-06 17:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 12:01 - 2014-09-06 12:01 - 07433355 _____ () C:\Users\Pascal\Downloads\FR_hi_res_pack_01.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-06 13:42 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-06 13:42 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-06 13:40 - 2011-05-16 16:04 - 00707400 _____ () C:\Windows\system32\perfh007.dat
2014-10-06 13:40 - 2011-05-16 16:04 - 00153334 _____ () C:\Windows\system32\perfc007.dat
2014-10-06 13:40 - 2009-07-14 07:13 - 01644624 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-06 13:38 - 2012-04-16 12:02 - 01795311 _____ () C:\Windows\WindowsUpdate.log
2014-10-06 13:34 - 2014-06-11 10:27 - 00003310 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-10-06 13:34 - 2014-06-11 10:27 - 00000678 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-10-06 13:33 - 2014-03-29 07:22 - 00082852 _____ () C:\Windows\setupact.log
2014-10-06 13:33 - 2014-03-03 20:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-06 13:33 - 2013-01-25 15:21 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-06 13:32 - 2013-10-11 16:41 - 00001196 _____ () C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
2014-10-06 13:32 - 2013-10-11 16:41 - 00001096 _____ () C:\Windows\Tasks\Plus-HD-2.6-enabler.job
2014-10-06 13:32 - 2013-10-11 16:40 - 00001904 _____ () C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job
2014-10-06 13:32 - 2013-10-11 16:40 - 00001828 _____ () C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
2014-10-06 13:32 - 2012-01-24 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-06 13:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-05 19:32 - 2014-02-06 15:32 - 00000312 _____ () C:\Windows\Tasks\Digital Sites.job
2014-10-05 19:32 - 2013-10-30 14:32 - 00000310 _____ () C:\Windows\Tasks\DigitalSite.job
2014-10-05 19:22 - 2014-03-03 20:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-05 19:18 - 2012-12-23 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-05 19:00 - 2013-11-26 11:36 - 00000296 _____ () C:\Windows\Tasks\RegistryBooster Maintenance.job
2014-10-05 16:03 - 2013-04-14 09:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\.minecraft
2014-10-05 15:33 - 2012-04-16 13:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-05 08:37 - 2013-10-30 15:32 - 00000096 _____ () C:\Users\Pascal\AppData\Roaming\WB.CFG
2014-10-04 15:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-04 12:22 - 2012-04-16 13:40 - 00000000 ____D () C:\ProgramData\Origin
2014-10-04 12:21 - 2014-01-22 15:55 - 00000000 ____D () C:\Users\Pascal\Documents\FIFA 14
2014-10-04 06:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-04 06:23 - 2012-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-03 15:05 - 2013-02-08 19:41 - 00000000 ____D () C:\Windows\pss
2014-10-03 10:41 - 2013-07-11 15:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-03 08:45 - 2013-11-20 17:09 - 00000000 ____D () C:\Users\Pascal\AppData\Local\CrashDumps
2014-10-02 20:36 - 2014-03-31 14:14 - 00178980 _____ () C:\Windows\PFRO.log
2014-10-02 19:53 - 2014-05-14 16:36 - 00074044 _____ () C:\Windows\DirectX.log
2014-10-02 15:58 - 2013-10-30 14:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-09-26 18:38 - 2014-03-03 20:30 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-09-26 18:38 - 2013-12-15 14:58 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-26 18:33 - 2013-12-15 14:58 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-26 14:41 - 2014-06-03 14:57 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389385127
2014-09-26 14:41 - 2014-01-10 22:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-25 20:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 19:18 - 2012-12-23 17:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 19:18 - 2012-10-28 15:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 19:18 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 15:38 - 2012-04-16 19:41 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-09-24 15:35 - 2012-07-15 12:13 - 00000000 ____D () C:\Program Files (x86)\Cornelsen
2014-09-23 15:07 - 2012-04-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-23 15:05 - 2013-04-21 14:29 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-20 17:49 - 2012-12-03 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-09-18 15:55 - 2014-06-04 14:39 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-17 14:31 - 2013-12-15 14:58 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 14:02 - 2013-03-24 17:31 - 00000000 ____D () C:\tmp
2014-09-11 21:12 - 2012-04-16 12:09 - 00000000 ____D () C:\Users\Pascal
2014-09-11 19:06 - 2014-06-06 21:46 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client
2014-09-11 03:50 - 2012-04-21 11:21 - 01617968 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:49 - 2013-07-28 21:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:04 - 2011-07-18 22:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:03 - 2014-05-06 21:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-06 17:09 - 2013-06-12 17:03 - 00000000 ____D () C:\Users\Pascal\Documents\Electronic Arts
2014-09-06 13:35 - 2012-04-16 19:41 - 00000000 ____D () C:\ProgramData\Skype

Files to move or delete:
====================
C:\Users\Pascal\DSETUP.dll
C:\Users\Pascal\dsetup32.dll
C:\Users\Pascal\DXSETUP.exe
C:\Users\Pascal\ManiaPlanetCanyon_Setup.exe
C:\Users\Pascal\MouseServer.exe
C:\Users\Pascal\setup.exe
C:\Users\Public\AlexaNSISPlugin.9612.dll


Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\BackupSetup.exe
C:\Users\Pascal\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Pascal\AppData\Local\Temp\ntvb2.dll
C:\Users\Pascal\AppData\Local\Temp\ntvb2.exe
C:\Users\Pascal\AppData\Local\Temp\optprosetup.exe
C:\Users\Pascal\AppData\Local\Temp\setup_337.exe
C:\Users\Pascal\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 00:52

==================== End Of Log ============================
         
--- --- ---

 
